UbuntuUpdates.org

Package "gir1.2-gst-plugins-base-0.10"

Name: gir1.2-gst-plugins-base-0.10

Description:

Description: GObject introspection data for the GStreamer Plugins Base library

Latest version: 0.10.36-2ubuntu0.2
Release: xenial (16.04)
Level: security
Repository: universe
Head package: gst-plugins-base0.10
Homepage: http://gstreamer.freedesktop.org

Links


Download "gir1.2-gst-plugins-base-0.10"


Other versions of "gir1.2-gst-plugins-base-0.10" in Xenial

Repository Area Version
base universe 0.10.36-2
updates universe 0.10.36-2ubuntu0.2

Changelog

Version: 0.10.36-2ubuntu0.2 2019-04-29 13:06:27 UTC

  gst-plugins-base0.10 (0.10.36-2ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: heap overflow in RTSP parser
    - debian/patches/CVE-2019-9928.patch: limit length in
      gst-libs/gst/rtsp/gstrtspconnection.c.
    - CVE-2019-9928

 -- Marc Deslauriers <email address hidden> Fri, 26 Apr 2019 09:43:52 -0400

Source diff to previous version
CVE-2019-9928 GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing rem

Version: 0.10.36-2ubuntu0.1 2017-03-27 18:07:06 UTC

  gst-plugins-base0.10 (0.10.36-2ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS in windows_icon_typefind
    - debian/patches/CVE-2016-9811.patch: add bounds check in
      gst/typefind/gsttypefindfunctions.c.
    - CVE-2016-9811
  * SECURITY UPDATE: DoS in gst_riff_create_audio_caps
    - debian/patches/CVE-2017-5837.patch: check for valid channels/rate in
      gst-libs/gst/riff/riff-media.c.
    - CVE-2017-5837
  * SECURITY UPDATE: DoS in gst_riff_create_audio_caps
    - debian/patches/CVE-2017-5844.patch: fix divide by zero in
      gst-libs/gst/riff/riff-media.c.
    - CVE-2017-5844
  * debian/patches/docs_ftbfs.patch: fix FTBFS.

 -- Marc Deslauriers <email address hidden> Thu, 23 Mar 2017 13:31:32 -0400

CVE-2016-9811 The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to c
CVE-2017-5837 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to c
CVE-2017-5844 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to c



About   -   Send Feedback to @ubuntu_updates